Versions (3)
Version DetailsCurrent
Rev: 4 • Aug 18, 2015, 12:00 PMET EXPLOIT Websense Content Gateway submit_net_debug.cgi cmd_param Param Buffer Overflow Attempt
alert http any any -> any 8081 (msg:"ET EXPLOIT Websense Content Gateway submit_net_debug.cgi cmd_param Param Buffer Overflow Attempt"; flow:to_server,established; http.method; content:"POST"; nocase; http.uri; content:"/submit_net_debug.cgi"; nocase; http.request_body; content:"cmd_param="; nocase; isdataat:500,relative; content:!"|0A|"; within:500; pcre:"/[\?\&]cmd_param=[^\&\r\n]{500}/si"; reference:cve,2015-5718; reference:url,seclists.org/fulldisclosure/2015/Aug/8; classtype:web-application-attack; sid:2021644; rev:4; metadata:created_at 2015_08_18, cve CVE_2015_5718, confidence High, signature_severity Major, updated_at 2020_05_29;)
Aug 18, 2015, 12:00 PM
May 29, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-exploit.rules